[rt-users] Help with Active Directory Auth on 4.2.2

Thu, 06 Feb 2014 10:03:19 -0800 

Hi,

I need some help from you whom have already Request Tracker with Active 
Directory!

After struggle for some days trying to authenticate Active Directory users with 
the External Auth module I bring you my Apache Log and configuration of the 
Plugin. May someone help me with advices??? I would love to see my Request 
Tracker linked to the Active Directory of the company.

My Operational Systems are:
Request Tracker 4.2.2 - Ubuntu 13.10
Active Directory - Windows 2008 Server

Well after trying to figure out how the Plugin Works I wanted to make sure my 
Active Directory was acessible and the Bind account was working. So I check 
with the command:

ldapsearch -x -h pdcsti.stitelecom.local -p 389 -D 
"cn=rt-ldap,cn=Users,dc=stitelecom,dc=local" -w secret -s sub -b 
'cn=Users,dc=stitelecom,dc=local' "(&(objectClass=*))"

When I do it the output is a loto f Users, Groups and other objects from the 
AD. So I suppose the AD is ready right??

Follow the RT part...

+++++In the /var/log/apache2/error.log++++++

[4638] [Thu Feb  6 14:41:01 2014] [info]: 
RT::Authen::ExternalAuth::CanonicalizeUserInfo returning Disabled: , 
EmailAddress: r...@stitelecom.com.br, ExternalAuthId: rtop, Gecos: rtop, Name: 
rtop, Privileged: , RealName:  
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:685)
[4638] [Thu Feb  6 14:41:01 2014] [info]: Autocreated external user rtop ( 118 
) 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:281)
[4638] [Thu Feb  6 14:41:01 2014] [info]: My_LDAP AUTH FAILED rtop (can't bind: 
LDAP_INVALID_CREDENTIALS 49 ) 
(/opt/rt4/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:227)
[4638] [Thu Feb  6 14:41:01 2014] [error]: FAILED LOGIN for rtop from 
10.10.1.137 (/opt/rt4/sbin/../lib/RT/Interface/Web.pm:814)

++++++ In the RT_Siteconfig.pm: +++++++

Plugin( "RT::Authen::ExternalAuth" );
Set($ExternalAuthPriority,  [ 'My_LDAP' ] );
Set($ExternalInfoPriority,  [ 'My_LDAP' ] );
Set($AutoCreateNonExternalUsers,    0);
Set($ExternalSettings, {

'My_LDAP'       =>  {
        'type'                      =>  'ldap',
        'server'                    =>  'pdcsti.stitelecom.local',
        'user'                      =>  
'cn=rt-ldap,cn=Users,dc=stitelecom,dc=local',
        'pass'                      =>  'secret',
        'base'                      =>  'dc=stitelecom,dc=local',
        'filter'                    =>  '(objectclass=*)',
        'group'                     =>  
'cn=RTUsers,ou=RT4,ou=STI,dc=stitelecom,dc=local',
        'group_attr'                =>  'uniqueMember',
        'tls'                       =>  0,
        'ssl_version'               =>  3,
        'net_ldap_args'             => [    version =>  3   ],
        'attr_match_list' => [
            'Name',
            'EmailAddress',
        ],
        'attr_map' => {
            'Name' => 'sAMAccountName',
            'EmailAddress' => 'mail',
            'ExternalAuthId' => 'sAMAccountName',
        },
    },
} );
1;


THANK YOU IN ADVANCE!


[Diego2013]

<<inline: image002.jpg>>

Reply via email to